Sql 此错误的解决方案
我写了这个查询:Sql 此错误的解决方案,sql,Sql,我写了这个查询: String sql = "Update db " + "SET LName = '"+txtLName.getText()+"'," + "ATC_Code = '"+txtATCcode.getText()+"'," + "ATC_Name= '"+txtATCname.getText()+"'," +
String sql = "Update db " +
"SET LName = '"+txtLName.getText()+"'," +
"ATC_Code = '"+txtATCcode.getText()+"'," +
"ATC_Name= '"+txtATCname.getText()+"'," +
"Course_Name = '"+txtCourseName.getText()+"'," +
"Course_Fee = '"+txtCourseFee.getText()+"'," +
"Where FName = '"+txtFName.getText()+"' ";
我得到了一个错误,比如:
Malformed SQL Statement: Expected ',', found 'Anuja'`.
Statement:Update db SET LName = 'df',ATC_Code = '323',ATC_Name= 'sd',Course_Name = 'd',Course_Fee = '534',Where FName = 'Anuja'
删除
集合语句的最后一个,
:
String sql = "Update db " +
"SET LName = '"+txtLName.getText()+"'," +
"ATC_Code = '"+txtATCcode.getText()+"'," +
"ATC_Name= '"+txtATCname.getText()+"'," +
"Course_Name = '"+txtCourseName.getText()+"'," +
"Course_Fee = '"+txtCourseFee.getText() + //here does not need '
"Where FName = '"+txtFName.getText()+"' ";
另一方面,这种sql命令生成(连接包含某些值的字符串)可能会受到sql注入攻击的怀疑,为了防止这种类型的攻击,请使用参数并设置参数值。有关更多信息,请参阅
Update db
SET LName = 'df',
ATC_Code = '323',
ATC_Name= 'sd',
Course_Name = 'd',
Course_Fee = '534',
Where FName = 'Anuja'
仅将更改删除最后一个逗号“,”
Update db
SET LName = 'df',
ATC_Code = '323',
ATC_Name= 'sd',
Course_Name = 'd',
Course_Fee = '534'
Where FName = 'Anuja'
你不能给我们看看SQL语句吗?(这样更容易找到问题!)请编辑您的问题
标题,查看一些有意义的标题